Penetration Testing mailing list archives
Testing MMx stack
From: "Gleb Paharenko" <gpaharenko () gmail com>
Date: Thu, 6 Mar 2008 11:31:47 +0200
Hi. Is some body has experience in testing MM1,MM7,etc. interfaces of MMSC and other MMS related infrastructure of GSM operators. For MM1 I've found the folowing vectors to be checked: - web interface of MMSC - web interface of MMS composing and displaying though internet oparators web-site (even though malformed mms) - attacks on mobile phone though specially crafted MMS MM7 have not been researched by me yet, but it seems that all web-services stuff could be evaluated. I'm able to create custom MMS and send them (using NowSMS) though gprs modem. -- Best regards. Gleb Pakharenko. http://gpaharenko.livejournal.com ------------------------------------------------------------------------ This list is sponsored by: Cenzic Need to secure your web apps NOW? Cenzic finds more, "real" vulnerabilities fast. Click to try it, buy it or download a solution FREE today! http://www.cenzic.com/downloads ------------------------------------------------------------------------
Current thread:
- Testing MMx stack Gleb Paharenko (Mar 06)